Re: OTP (opie) and ssh

To: Carlos Carvalho <carlos@fisica.ufpr.br>
Cc: debian-security@lists.debian.org
Subject: Re: OTP (opie) and ssh
From: Thorsten Sideb0ard <thorsten@robot6.com>
Date: Mon, 18 Sep 2000 16:18:34 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.4.21.0009181616080.1672-100000@maria.gaffle.com>
In-reply-to: <[🔎] 14790.41394.908.221717@hoggar.fisica.ufpr.br>

I can see the point,
because a would be intruder could look over the shoulder of an authorised
user, or someone with more priveleges than himself, and watch his password
being entered. Then it doesnt matter whether the session is encrypted
because the intruder knows the password.

the more security the better, as far as i am concerned.

-thorsten sideb0ard
network/systems engineer

On Mon, 18 Sep 2000, Carlos Carvalho wrote:

> Peter Palfrader (ppalfrad@cosy.sbg.ac.at) wrote on 19 September 2000 00:04:
>  >I just set up libpam-opie and it works quite well from the console as
>  >well as with ssh. Unfortunatly it does not show wich OTPasswd it expects
>  >with ssh login but this is another story.
> 
> I don't see the point of using ssh with otp. They are different
> methods to achieve the same goal, and are redundant.
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

Follow-Ups:
- Re: OTP (opie) and ssh
  - From: Henrique M Holschuh <hmh+debianml@rcm.org.br>

References:
- Re: OTP (opie) and ssh
  - From: Carlos Carvalho <carlos@fisica.ufpr.br>

Prev by Date: Re: OTP (opie) and ssh
Next by Date: Re: OTP (opie) and ssh
Previous by thread: Re: OTP (opie) and ssh
Next by thread: Re: OTP (opie) and ssh
Index(es):
- Date
- Thread